Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2013-075-01
HistoryMar 16, 2013 - 1:11 a.m.

ruby

2013-03-1601:11:53
Slackware Linux Project
www.slackware.com
13

0.236 Low

EPSS

Percentile

96.1%

JSON

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:

patches/packages/ruby-1.9.3_p392-i486-1_slack14.0.txz: Upgraded.
This release includes security fixes about bundled JSON and REXML.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ruby-1.9.3_p392-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ruby-1.9.3_p392-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ruby-1.9.3_p392-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ruby-1.9.3_p392-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ruby-1.9.3_p392-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ruby-1.9.3_p392-x86_64-1_slack14.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/ruby-1.9.3_p392-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/ruby-1.9.3_p392-x86_64-1.txz

MD5 signatures:

Slackware 13.1 package:
d8a92d0917f4107ebad92f0acc918f0a ruby-1.9.3_p392-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
b0c05ed98dec1b441e3c6b2b1c2ef448 ruby-1.9.3_p392-x86_64-1_slack13.1.txz

Slackware 13.37 package:
668cbcb1d019be2d17d2e360e14ca71a ruby-1.9.3_p392-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
3dd5f32e3a490c99b76849a3849d3d7e ruby-1.9.3_p392-x86_64-1_slack13.37.txz

Slackware 14.0 package:
2243ed86da5940c91a4b1c6321613229 ruby-1.9.3_p392-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
bebd503e73b25925759c0911e7e8c805 ruby-1.9.3_p392-x86_64-1_slack14.0.txz

Slackware -current package:
75ef8411ec70de62ccc9d53343fe67c7 d/ruby-1.9.3_p392-i486-1.txz

Slackware x86_64 -current package:
282f29edc2de41f8757f00234de97777 d/ruby-1.9.3_p392-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg ruby-1.9.3_p392-i486-1_slack14.0.txz

Related

openvas 41
nessus 53
redhat 6
cve 4
osv 7
amazon 8
github 3
oraclelinux 2
ubuntu 2
fedora 2
debiancve 2
ubuntucve 4
freebsd 2
centos 2
prion 4
suse 5
veracode 4
debian 6
hackerone 1
rubygems 5
alpinelinux 1
redhatcve 1
securityvulns 2
threatpost 1
gentoo 1
openvas
openvas
Slackware: Security Advisory (SSA:2013-075-01)
2022-04-21 00:00:00
RedHat Update for ruby RHSA-2013:0611-01
2013-03-08 00:00:00
RedHat Update for ruby RHSA-2013:0611-01
2013-03-08 00:00:00
nessus
nessus
Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)
2013-03-17 00:00:00
openSUSE Security Update : ruby (openSUSE-SU-2013:0603-1)
2014-06-13 00:00:00
RHEL 5 : ruby (RHSA-2013:0611)
2013-03-08 00:00:00
redhat
redhat
(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2
2013-08-29 00:00:00
(RHSA-2013:0611) Moderate: ruby security update
2013-03-07 00:00:00
(RHSA-2013:1028) Important: Fuse ESB Enterprise 7.1.0 update
2013-07-09 00:00:00
cve
cve
CVE-2013-1821
2013-04-09 21:55:00
CVE-2013-0269
2013-02-13 01:55:00
CVE-2020-10663
2020-04-28 21:15:00
osv
osv
Ruby vulnerable to denial of service
2022-05-17 03:23:26
JSON gem has Improper Input Validation vulnerability
2017-10-24 18:33:37
ruby1.9.1 - several
2013-08-18 00:00:00
amazon
amazon
Medium: ruby19
2013-05-24 13:57:00
Medium: ruby19, ruby21
2020-08-26 23:10:00
Medium: rubygem-json
2020-08-26 23:09:00
github
github
Ruby vulnerable to denial of service
2022-05-17 03:23:26
JSON gem has Improper Input Validation vulnerability
2017-10-24 18:33:37
Unsafe object creation in json RubyGem
2020-07-27 18:08:21
oraclelinux
oraclelinux
ruby security update
2013-03-07 00:00:00
ruby security update
2013-03-07 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2013-03-25 00:00:00
Ruby vulnerabilities
2013-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-json-1.6.8-1.fc18
2013-03-05 23:31:15
[SECURITY] Fedora 17 Update: rubygem-json-1.6.8-1.fc17
2013-03-05 23:33:55
debiancve
debiancve
CVE-2013-0269
2013-02-13 01:55:00
CVE-2020-10663
2020-04-28 21:15:00
ubuntucve
ubuntucve
CVE-2013-0269
2013-02-12 00:00:00
CVE-2013-1821
2013-03-07 00:00:00
CVE-2020-10663
2020-04-28 00:00:00
freebsd
freebsd
Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON
2013-02-11 00:00:00
rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix)
2020-03-19 00:00:00
centos
centos
ruby security update
2013-03-08 00:25:53
ruby security update
2013-03-09 00:47:26
prion
prion
Sql injection
2013-02-13 01:55:00
Design/Logic Flaw
2013-04-09 21:55:00
Design/Logic Flaw
2020-04-28 21:15:00
suse
suse
Security update for rubygem-json_pure (important)
2013-04-09 19:04:58
Security update for rubygem-json_pure (important)
2013-04-03 20:08:23
Security update for rubygem-extlib (important)
2013-04-03 20:10:37
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:34
Denial Of Service (DoS)
2020-03-23 03:14:43
Arbitrary Code Execution
2019-05-02 04:44:25
debian
debian
[SECURITY] [DLA 215-1] libjson-ruby security update
2015-04-30 16:34:41
[SECURITY] [DSA 2738-1] ruby1.9.1 security update
2013-08-18 16:58:53
[SECURITY] [DLA 2192-1] ruby2.1 security update
2020-04-30 22:01:47
hackerone
hackerone
Ruby: Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)
2019-10-03 05:19:48
rubygems
rubygems
CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection
2013-02-11 20:00:00
Unsafe Object Creation Vulnerability in JSON (Additional fix)
2020-03-18 21:00:00
CVE-2013-1821 ruby: entity expansion DoS vulnerability in REXML
2013-02-21 20:00:00
alpinelinux
alpinelinux
CVE-2020-10663
2020-04-28 21:15:00
redhatcve
redhatcve
CVE-2020-10663
2020-04-24 04:33:39
securityvulns
securityvulns
Ruby multiple security vulnerabilities
2013-02-24 00:00:00
[USN-1733-1] Ruby vulnerabilities
2013-02-24 00:00:00
threatpost
threatpost
Ruby on Rails Patches DoS, Remote Execution Flaws
2013-02-13 17:51:57
gentoo
gentoo
Ruby: Denial of service
2014-12-13 00:00:00

0.236 Low

EPSS

Percentile

96.1%

JSON
Related for SSA-2013-075-01
openvas41nessus53redhat6cve4osv7amazon8github3oraclelinux2ubuntu2fedora2debiancve2ubuntucve4freebsd2centos2prion4suse5veracode4debian6hackerone1rubygems5alpinelinux1redhatcve1securityvulns2threatpost1gentoo1